-
Notifications
You must be signed in to change notification settings - Fork 0
SSH Connection with No Password
Useful if you frequently connect to a remote machine using ssh.
- SSH server running on remote machine (Obvious)
- ssh client on you local machine
Before you connect to a remote machine using ssh you should verify its public key(s). If it is different than what you expected, it is possible that someone is attempting a man-in-the-middle attack on you. If already know the remote server's public key fingerprint(s), then you can use it.
When you setup a server, you can run the following commanda to obtain the fingerprints of its public keys:
$ ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub
$ ssh-keygen -l -f /etc/ssh/ssh_host_ecdsa_key.pub
$ ssh-keygen -l -f /etc/ssh/ssh_host_dsa_key.pub
You should see something like the following as output:
2048 f9:a0:eb:0a:61:e7:9b:43:4a:ec:1e:40:01:6b:17:e3 root@remote_machine (RSA)
256 28:5a:f3:27:e5:bb:5f:76:3d:61:61:62:64:9b:80:0f root@remote_machine (ECDSA)
1024 b8:0f:e6:f0:11:8a:47:79:4a:04:f1:83:25:df:c2:39 root@remote_machine (DSA)
The first number is its keysize. The second element is the server's public key fingerprint. It is this fingerprint that you should use to verify the server with.
You might want to check your .ssh directory (in your home directory) before generating a ssh key pair (you might have an existing key pair (which you could utilize).
$ ssh-keygen -t rsa -b 4096
The -t option allows you to specify the key type. The -b option allows you to specify the key size.
You will be prompted to enter a filename and password (both can be left default/blank).
$ ssh-copy-id user@remote_machine
You will be prompted to enter the password for the account on the remote_machine.
Note: ssh-copy-id is a available on most Linux distributions. If you are in a Mac OS X environment, then you can add this command using this Github repository.
$ ssh user@remote_machine